Organizations are taking on more cyber risk than ever before and a large part comes in the form of third-party and fourth-party risk. The news is inundated with data breaches and data leaks and the average cost of a data breach has reached nearly $4 million globally. It's safe to say that the financial cost alone is enough proof to start investing in tools to prevent data breaches. The unfortunate truth is third-parties cause data breaches.

When I first started researching ATT&CK last year, Persistence was the tactic which made me fall in love. Even though I have been in the industry for some time, I learned more from digging into the various techniques here than any other tactic. While I knew about fun tricks like replacing sethc.exe with cmd.exe and hitting the shift key a bunch of times from a lock screen, there were many other techniques that were brand new to me.

Over the past 12 months, INETCO’s flagship product, INETCO Insight 7, has gained recognition as the go-to solution for acquiring a level of detail within payment transaction data sets that is unprecedented, and extremely useful. Recently, INETCO caught the attention of Bank Director, an information resource to the financial community with a focus on the strategic issues most fundamental to a bank’s CEO, senior leadership team, chairman and independent directors.

This blog post is part twenty-four of the "Hunting with Splunk: The Basics" series. I've been dealing with viruses for years, but this is the first time I've written a blog post where we are dealing with actual viruses. Ever since the 2004 tsunami, I have witnessed cyber-baddies using current events to trick users into opening documents or clicking on links. The COVID-19 breakout is no different.

A vulnerability assessment or vulnerability analysis is the process of identifying the security vulnerabilities in your network, systems, and hardware and taking steps to fix those security vulnerabilities. A vulnerability assessment can provide information that your IT and security teams can use to improve your company’s threat mitigation and prevention processes.

The Foundation of a Zero Trust Architecture (ZTA) talked about the guiding principles, or tenets of Zero Trust. One of the tenets mentions how all network flows are to be authenticated before being processed and access is determined by dynamic policy. A network that is intended to never trust, and to always verify all connections requires technology that can determine confidence and authorize connections and provide that future transactions remain valid.

USB devices are undeniably valuable, but they can be dangerous. On one hand, they are useful in transporting enterprise-critical data, but on the other, they can wreak havoc if misplaced, corrupted due to a human or hardware-related error, or stolen. It’s no wonder some companies forbid the use of USB devices altogether.

Today we’re very excited to announce a partnership with Amazon to support Fargate in Sysdig’s product line. We are also announcing that Falco, the world’s most popular runtime security tool for containers, will soon be able to work on Fargate. This is an important milestone. For the first time, Fargate users will enjoy the benefit of deep instrumentation. This will make their workloads more secure, reliable, and efficient.